Check Point SmartConsole

What's New In SmartConsole



New in R82
New in R82
Management Feature Release
HTTPS Inspection

New streamlined and assured approach to deploying HTTPS Inspection

Deployment assessment: Phased deployment for performance assessment


Full fail-open: Automatically detects and adds exceptions for client-side Inspection failures improving end-user experience


Default HTTPS inspection policy for best practice


HTTPS monitoring: a comprehensive status overview and detailed statistics


Web Security: Support of HTTP/3 over QUIC for Threat Prevention and Sandboxing

Enhanced Operational
Experience

Introducing new deployment modes for Clustering and VSX

New clustering technology (ElasticXL):

  • Single Management Object (SMO), delivering simplified cluster configuration
  • Automatic sync of configuration and software versions between cluster members

New VSX mode (VSNext):

  • Added capabilities to VSX with streamlined management experience for all types of gateways, physical and virtual
  • Improved provisioning by supporting Gaia Portal, Gaia Clish, Gaia REST API, and Management API
Advanced Threat
Prevention

Four New AI-Powered and cloud-delivered threat prevention engines for detecting malware, phishing & C2 communication

Advanced DNS Security enhancements:

  • Protection against NXNS Attacks
  • Support DNS over HTTPS (DoH)
  • Detailed statistics on DNS Security in SmartView Dashboard
  • Advanced DNS Security settings in Threat Prevention Profile

SNORT rules as an IoC Feed: Loading of SNORT rules file as a Custom Intelligence Feed to be enforced as an IPS protection

For more information, refer to the R82 Release Notes

November 2022
R81.20
R81.20
Management Feature Release
Deep Learning Deep Learning
Threat Prevention

Superior Threat Prevention with new AI Deep Learning engines.

  • Prevents 5x more DNS attacks in real-time.
    • Uses millions of zero-day IoC to prevent Command & Control connections and block data theft through DNS tunneling.
    • Response time to DNS attacks was decreased from hours to minutes.
  • Blocks 4x more attacks with patented in-line Zero Phishing (no software is required on the client side).
    Security Gateway blocks phishing attacks to prevent theft of credentials in any web browser.
Infinity Advanced Security with Cloud Services
  • Infinity Services for on-premises Management Servers - increase network security with advanced cloud-based security services.
  • IoT Network Security - Discover your IoT assets and enforce zero-trust policies.
  • SmartWorkflow - Built-in policy supervision over changes in Security Policies and objects.
  • Enforce changes in Access Control automatically without installing policy, using Network Feed objects.
  • Integrate with SAML 2.0 Identity Providers to allow secure authentication in SmartConsole and for Remote Access users.
  • Get the complete event visibility across all Check Point products for efficient monitoring.
Business Driven Business Driven
Security Performance
  • Hyperflow - provides 3x throughput boost for processing large file transfers (elephant flows).
  • Maestro Auto-Scaling - dynamically adds and removes Security Group Members based on CPU utilization and traffic.
  • Maestro Fastforward - provides ultra-low 1 microsecond latency and 100 Gbps throughput by offloading specific Access Control rules to the Quantum Maestro Orchestrator for hardware acceleration.
  • Scalable VPN performance - Security Gateway can process more Remote Access VPN connections at the same time.

For more information, refer to the R81.20 Release Notes

July 2021
R81.10
R81.10
Management Feature Release
Web SmartConsole SmartConsole now in your web browser

Web SmartConsole now includes Read/Write capabilities for most commonly used functions. More capabilities to be added over time.

Self Updatable SmartConsole Automatic updates for SmartConsole

SmartConsole is now updated automatically! No need to reinstall the client to get the latest fixes.

Loggging and Monitoring Logging and Monitoring

Distribute logs between multiple active Log Servers to support higher rate of logs and redundancy of Log Servers.

IPS and Anti-Bot logs now include a MITRE ATT&CK section that details the different techniques for malicious attack attempts.

New API New APIs and API Enhancements

Faster Management API execution.

REST API commands to simplify the creation of gateways in SmartProvisioning and more.

Access Control Access Control

Enhance security with the new Access Control Rulebase settings and defaults.

More features More Features and Enhancements

Significant Management stability and performance improvements.

IoT support for Multi Domain Management.

October 2020
R81
R81
Management Feature Release
infinity Threat Prevention Policy Autonomous Threat Prevention Policy

Out of the box, automatically updated policy profiles based on business and IT security needs.

Zero maintenance of policies and protections.

Concurrent_Policy Policy Installation

New acceleration mechanism drastically speeds up the Access Control policy installation time.

Install different policies on multiple Security Gateways in parallel.

NAT Policy New NAT Policy

NAT policy now supports Updatable and Domain objects, Access Roles and Security Zones.

Version Upgrade Version Upgrade

Manage upgrade of multiple security gateways and clusters in parallel.

Changes Report Changes Report

Review the applied changes to Access Control, Threat Prevention policies and common objects and compare revisions.

Query based Objects Query based Objects

Easily represent multiple Data Centers in Security Policy by building query based objects.

Custom Intelligent Feeds Custom Intelligence Feeds

Manage custom intelligence feeds fetched by Security Gateways.

Mitre Att&ck MITRE ATT&CK

A new MITRE ATT&CK view provides the ability to investigate security incidents according to the MITRE defense models, and extract immediate action items based on the mitigation flow.

azure ad Azure Active Directory Support in Identity Awareness

Use Azure AD users and groups for authentication and authorization.

January 2020
R80.40
R80.40
Management Feature Release
Migrate_tools Multi Domain Capabilities

Backup and restore a domain, migrate Security Management Server to a domain, migrate a domain to a Security Management Server.

HTTPS_Inspection_Layer HTTPS Inspection Layer

Manage HTTPS Inspection Policy in a new dedicated layer within SmartConsole and share across multiple policy packages.

Site_To_Site_VPN IPsec VPN

Manage multiple user defined encryption domains per community.

Manage large scale VPN environment using LSV profiles.

SmartTasks SmartTasks

Automate and customize actions based on predefined Management operation triggers.

CDT Hotfix Installation

Centrally deploy Hotfixes and Jumbo Hotfixes on multiple Security Gateways and Clusters in parallel.

Revert_To_Revision Revert To Revision

Revert to a previous management revision and continue working from that point.

IoT IoT Security Controller

Discover every IoT device in the network and turn its data into actionable security intelligence.

Automatically generate security policy based on customer’s profile, connected devices and IoT network status.

Mitre Att&ck MITRE ATT&CK

Expose advance forensics per SandBlast log focusing on Mitre Att&ck Techniques and Tactics.

Many more features with R80.40! More Features ...

CloudGuard Controller enhancements,
Captive Portal integration with SAML 2.0 and third party, Partial Search, and more...

May 2019
R80.30
R80.30
Management Feature Release
Full Text Search SmartConsole Extensions

Add third-party tools as panels and views inside SmartConsole.

CloudGuard IaaS CloudGuard IaaS

Use vCenter Tags and
NSX Universal Security Groups
in your security policy.

Since R80.20.M2

Logs & Monitoring Logs & Monitoring

Exporting your logs to Splunk Enterprise Security is now simpler.

Check Point's Splunk Add-On contains new dashboards for Check Point logs and events.

Since R80.20.M2

Infinity Overview Threat Prevention Dashboard

New Consolidated threat prevention dashboard providing full threat visibility across Networks, Mobile and Endpoints.

Since R80.20.M2

Advanced Threat Prevention Advanced Threat Prevention

Threat Extraction now proactively protects against threats contained in Web downloaded documents.

New Log Cards Threat Prevention logs

Threat Prevention logs contain new fields for forensics.

September 2018
R80.20
Multi Tasking Multi Tasking

One administrator can publish or discard several SmartConsole sessions, independently of the other sessions.

Since R80.20.M1

Logs Logs & Monitoring

Use improved log viewer with cards, profiles, statistics and filters to analyze events.

Create a secure log exporting channel using just 1 line of configuration.

Since R80.20.M1

Threat Prevention Threat Prevention

Configure malicious email policy with Threat Profiles in SmartConsole.

Mark IPS Protections to follow-up on them later.

CloudGuard IaaS CloudGuard IaaS (vSEC)

User experience enhancements when monitoring and configuring policies for virtual environments.

New data center objects for: Google Cloud Platform, Cisco ISE and Nuage.

Since R80.20.M1

Schedule Install Policy Schedule Install Policy

Create presets for cross-domain
policy installations.

Run policy installation presets with a single click or schedule to run them automatically.

Many more features with R80.20.M1! More Features ...

Endpoint Security Server updates, SmartProvisioning, Compliance, GDPR,
Global VPN Communities, Rule-base performance improvements, and more...

Since R80.20.M1

May 2017
R80.10
Unified policy & logs Unified Policy & Logs

Security policy is enhanced to accept or block traffic according to application & data.

One log entry shows network, application and data information.

Policy Layers Policy Layers

Policies can be segmented into layers, allowing simplicity and delegation.

Unified Threat Policy Unified Threat Policy

IPS and the SandBlast family can be unified as one policy and installed separately from Access Control changes.

Faster Policy Enforcement Model Faster Policy Enforcement Model

The new rule matching algorithm, improvements in acceleration templates and new FQDN-based domain objects increase your gateways' performance.

Policy Analysis Tools Policy Analysis Tools

Packet-mode search, rule navigation shortcuts and a session pane for change history increase your operational efficiency.

Automation and Tooling Automation and Tooling

New Management API commands for show-changes, verify-policy and more.

Visit Check Point's Github account for open-source tools based on the R80.10 Management API.

March 2016
R80
Concurrent Administrators Concurrent Administrators

Several administrators can work together using different sessions.

During a session, all modified objects are being locked.

Automation and API Automation and API

Objects and rules can be modified using CLI and web service API.

All management operations (e.g. policy installation) are supported.

SmartView SmartView

Unified threat management for correlated events based on the Check Point logs.

Customized overviews and reports to show real-time events. Drill-down from a chart to see the actual logs.

Integrated Monitor Views Integrated Monitor Views

Highlight a rule to view its logs.

All monitor views are integrated into the console.

Advanced Gateway Management Advanced Gateway Management

Detailed monitor view of all gateways in the system. Embedded commands of backup, scripts and more.

Operational Efficiency Operational Efficiency

Revert to previous policy, object tags, tabbed policy view, exporting to CSV files and more manageability enhancements.